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DETAILED ACTION 

1 . This office action is in response to applicant's response filed on 01/03/2008. 

2. Claims 1-11 are pending. 

3. Claim 8 is amended. 

4. Claim 11 is new claim. 

5. Applicant's arguments have been fully considered but they are not persuasive. 

Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
01/03/2008 has been entered. 

Response to Arguments 



1 . Applicant's arguments with respect to claims 1-1 1 have been considered but are 
moot in view of the new ground(s) of rejection. 
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Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

2. Claims 1 , 3 and 5-1 1 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Choo Patent No. US 6,981 ,140. 

Referring to claims 1, 5-6, 8-10 and 11, Choo teaches a security system 
comprising an information management system (equivalent to "second memory 
area/user space/user memory", 201 in fig. 2 and column 1 , lines 39-49) that manages 
information and an encryption support system (equivalent to "first memory area/Kernel 
space or Kernel/operating system (OS)") that supports encryption of information in the 
information management system, 

the encryption support system including: 

an encryption rule storing portion that stores rule information that indicates an 
encryption rule of the information for each secret level that is a level of wanting to keep 
information secret [col. 9, line 46 - col. 11, line 25; security policy database 602 in fig. 
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6, corresponding to stores an encryption rule and security association for individual IP 
packet corresponding to rule for each secret level], 

an encryption data transmitting portion that transmits encryption data that is 
necessary for encrypting information in accordance with the rule to the information 
management system [column 6, lines 18-19; column 10, line 65 - column 11, line 3; 
fig. 6; transmit data after "checked by the internet protocol security stack 510 against a 
security policy database 602" which is equivalent to rule information], 

a process information receiving portion that receives process information that 
indicates the encryption process performed by the information management system 
from the information management system [col. 5, line 62 - col. 6, line 33, the 
computing entity may comprise processors carrying out data processing], 

a monitoring portion that monitors whether or not the encryption of information is 
performed in accordance with the rule by the information management system on the 
basis of the process information received from the information management system, 
and [col. 10, line 65 - col. 11, line 25; the internet protocol security stack 510 in fig. 6 
checks/monitors each data packet against a security policy database is corresponding 
to the monitoring portion for monitoring whether the encrypted data received is 
processed according to the rule/policy prior to transmission]. 

a warning portion that warns the information management system that was found 
to encrypt information not in accordance with the rule by the monitoring portion to do 
encryption of information in accordance with the rule, and [col. 11, lines 3-25 and fig. 
6; the internet protocol security stack 510 in fig. 6 (equivalent to a warning portion as 
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well) instructs or give a notice or warns an Internet Key Exchange (IKE) block 604, in 
fig. 6 to initiate negotiation with the destination if it has not received a security 
association for transferring a particular type of data]. 

the information management system (equivalent to "second 
memory area/user space/user memory", 201 in fig. 2 and column 1 , lines 39-49) 
including: 

an encryption data receiving portion that receives the encryption data from the 
encryption support system [col. 6, lines 3-5], 

a classification secret level storing portion that stores classification of information 
managed by the information management system in connection with the secret level for 
each of the classification [col. 10, line 43 - col. 11, line 25; col. 12, lines 9-38; col. 13, 
lines 26-32 and figs. 6, 9 and 11; a classification secret level corresponding to security 
label], 

an encrypting portion that encrypts information managed by the information 
management system by using the encryption data of the secret level corresponding to 
the classification of the information received by the encryption data receiving portion 
[col. 6, lines 20-25], 

an information storing portion that stores the information encrypted by the 
encrypting portion, and 

a process information transmitting portion that transmits the process information 
about the encryption performed by the encrypting portion to the encryption support 
system [col. 10, line 63-col. 11, line 19; teaches everything the same as the 
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encryption support system (see above) which is vice versa, "the data is packetized and 
redirected via the redirector layer within the network protocol stack to the software port 
509"]. 

Referring to claim 3, Choo further teaches, wherein the information management 
system includes: 

a classification secret level transmitting portion that transmits classification 
secret level information that indicates classification of information managed by the 
information management system and the secret level corresponding to the classification 
to the encryption support system [col. 6, lines 18-19; col. 10, line 65 - col. 
11, line 25 and fig. 6, a classification secret level is equivalent to a data packet, which 
is corresponding to an encryption data], and 

the monitoring portion performs the monitoring by comparing the process 
information received from the information management system with the classification 
secret level information [col. 10, line 65 - col. 11, line 25]. 

Referring to claim 7, Choo teaches a security system, further comprising a 
validity monitoring portion (internet protocol security stack 510) that monitors validity of 
an encryption rule that is used currently in accordance with vulnerability information 
about vulnerability of security received from a security information providing portion 
[col. 10, line 65 - col. 11, line 25; for transferring information, it should be checked by 
the internet protocol security stack 510 validates and checks the security policy of the 
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information to be transmitted/received], wherein the transmitting portion transmits the 
encryption data for changing the rule appropriately to the information management 
system if it is decided that the encryption rule that is used currently has little validity 
[col. 6, lines 18-19; col. 10, line 65 - col. 11, line 25; fig. 6.; for transmitting the 
encryption data if the data has not received a security association/security, an Internet 
Key Exchange(IKE) block 604 initiate a negotiation procedure with a corresponding 
respective internet keying agent which inherently changing the rule appropriately if the 
encryption rule that is used currently has little validity]. 

Claim Rejections - 35 USC § 103 

1 . The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over Choo US 
Patent No. US 6,981,140 in view of litsuka etal. US Patent No. 6,463,151. 

Referring to claim 2, Choo teaches a security system comprising an information 
management system for managing information. Choo further teaches an encryption 
support system for supporting encryption of information in the information management 
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system [see claim 1 above]. Choo does not explicitly teach a security system, 
wherein the rule information indicates the rule including an encryption system that is 
used for encryption and a valid term of an encryption key that is used for the encryption. 
However, litsuka teaches a security system, wherein the rule information indicates the 
rule including an encryption system that is used for encryption and a valid term of an 
encryption key that is used for the encryption, 

if a period since the information management system encrypted information until 
the present time exceeds the valid term relevant to the rule of the secret level 
corresponding to the classification of the information [col. 3, lines 56-62 and fig. 4, 
update the type of encryption by time scale according to a change over information/data 
i.e., copy one generation, copy freely and copy-prohibited (column 4, lines 45-50)], 

the warning portion warns the information management system [col. 9, lines 
18-35; col. 12, line 63-col. 13, line 8 and figs. 2 and 4; in-transition mode (01 
is assigned in fig. 4) is equivalent to the warning portion warns/notifying the timing for 
changing over the key or encryption which inherently teaches a period or time should 
not be exceeds the valid term relevant to the rule of the secret level], 

if the encryption system that is indicated in the rule information is changed, 

the encryption data transmitting portion transmits the encryption data for 
performing encryption with the changed encryption system to the information 
management system [col. 4, lines 33-39; after update the type of encryption by 
time scale according to a change over information/data, transmission of encryption data 
will take place], 
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the warning portion warns to perform encryption of information in accordance 
with the changed encryption system [col. 9, lines 18-35; col. 12, line 63- 
col. 13, line 8 and figs. 2 and 4; in-transition mode (01 is assigned in fig. 4) is 
equivalent to the warning portion warns/notifying the timing for changing over the key or 
encryption which inherently teaches a period or time should not be exceeds the valid 
term relevant to the rule of the secret level]. 

Accordingly, it would have been obvious to one having ordinary skill in the 
art at the time of the invention to modify the method of Choo to incorporate a valid term 
of an encryption key that is used for the encryption of litsuka because determining a key 
which is used for the encryption applied to transmitted data is changed depending on 
the content of copy management information for the data. Thus, the transmitted data 
can be further securely protected. 

3. Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over Choo US 
Patent No. US 6,981,140 in view of Albrecht etal US Patent No. 6,510,521. 

Referring to claim 4, Choo teaches a security system comprising an information 
management system that manages information. Choo further teaches an 
encryption support system that supports encryption of information in the information 
management system [see claim 1 above]. Choo does not explicitly teach the security 
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system comprising a valid term managing portion that manages a valid term of a 
certification for affixing an electronic signature to information. However, Albrecht 
teaches a security system comprising a valid term managing portion that manages a 
valid term of a certification for affixing an electronic signature to information, wherein 

the monitoring portion monitors whether or not it is necessary to reaffix the 
electronic signature to the information in accordance with the valid term of the 
certification, and [col. 1, lines 35-41; "generates electronic signature and attached 
to a transferable unit of data" inherently teaches monitoring the information by reaffixing 
the electronic signature to the information in accordance with the valid term of the 
certification]. 

the warning portion warns the information management system for managing the 
information to reaffix the electronic signature if it is decided that it is necessary to reaffix 
the electronic signature [col. 2, lines 57-62; the electronic signature is attached at 
the time write data (system basic input/output service (BIOS) update, such as additions, 
deletions and modifications) is created, inherently teaches reaffix the electronic 
signature to information]. 

Accordingly, it would have been obvious to one having ordinary skill in the 
art at the time of the invention to modify the method of Choo to incorporate a valid term 
of a certification for affixing an electronic signature to information of Albrecht because 
generating and attaching electronic signature to a transferable unit prevents 
unauthorized write access to a protected storage such as FLASH mamory. 
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Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to YONAS BAYOU whose telephone number is (571)272- 
7610. The examiner can normally be reached on m-f,7:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on 571-272-381 1 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Yonas Bayou/ 
Examiner, Art Unit 2134 
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04/03/2008 
/Kambiz Zand/ 

Supervisory Patent Examiner, Art Unit 2134 



